Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server leading to User Session Mixup
| Vendor | Product | Versions |
|---|---|---|
| Citrix | NetScaler ADC and NetScaler Gateway | 14.1-66.59, 13.1-62.23, 13.1-37.262, 14.1-66.54, 14.1 before 14.1-66.59, 13.1 before 13.1-62.23, 13.1-FIPS before 13.1-37.262 |
Updated affected versions, severity to HIGH, CVSS score to 7.7, added new CWE-362, and provided patch availability details.
Updated severity to CRITICAL, marked exploit as available, and noted active exploitation.
Updated severity to HIGH, added affected version 14.1-66.54, and set CVSS score to 7.7 for the race condition flaw.
Added vendor Citrix, product details, affected versions, updated severity to HIGH, and marked exploit as available and actively exploited.
Initial creation
